Skip to content

Commit 13d7e1e

Browse files
evgeniy-scherbinaevgeniy-scherbina
committed
temporary commit
1 parent dee6265 commit 13d7e1e

File tree

9 files changed

+34
-14
lines changed

9 files changed

+34
-14
lines changed

coderd/database/dbauthz/dbauthz.go

Lines changed: 5 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -3872,13 +3872,12 @@ func (q *querier) InsertUserLink(ctx context.Context, arg database.InsertUserLin
38723872
}
38733873

38743874
func (q *querier) InsertUserSecret(ctx context.Context, arg database.InsertUserSecretParams) (database.UserSecret, error) {
3875-
return database.UserSecret{}, nil
3876-
3877-
//if err := q.authorizeContext(ctx, policy.ActionUpdate, rbac.ResourceUserObject(arg.UserID)); err != nil {
3878-
// return database.UserLink{}, err
3879-
//}
3875+
obj := rbac.ResourceUserSecret.WithOwner(arg.UserID.String())
3876+
if err := q.authorizeContext(ctx, policy.ActionCreate, obj); err != nil {
3877+
return database.UserSecret{}, err
3878+
}
38803879

3881-
//return q.db.InsertUserLink(ctx, arg)
3880+
return q.db.InsertUserSecret(ctx, arg)
38823881
}
38833882

38843883
func (q *querier) InsertVolumeResourceMonitor(ctx context.Context, arg database.InsertVolumeResourceMonitorParams) (database.WorkspaceAgentVolumeResourceMonitor, error) {

coderd/database/dbauthz/dbauthz_test.go

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -5718,3 +5718,13 @@ func (s *MethodTestSuite) TestAuthorizePrebuiltWorkspace() {
57185718
}).Asserts(w, policy.ActionUpdate, w.AsPrebuild(), policy.ActionUpdate)
57195719
}))
57205720
}
5721+
5722+
func (s *MethodTestSuite) TestUserSecrets() {
5723+
s.Run("InsertUserSecret", s.Subtest(func(db database.Store, check *expects) {
5724+
user := dbgen.User(s.T(), db, database.User{})
5725+
arg := database.InsertUserSecretParams{
5726+
UserID: user.ID,
5727+
}
5728+
check.Args(arg).Asserts(rbac.ResourceUserSecret.WithOwner(arg.UserID.String()), policy.ActionCreate)
5729+
}))
5730+
}

coderd/database/dbgen/dbgen.go

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1352,6 +1352,19 @@ func PresetParameter(t testing.TB, db database.Store, seed database.InsertPreset
13521352
return parameters
13531353
}
13541354

1355+
func UserSecret(t testing.TB, db database.Store, seed database.InsertUserSecretParams) database.UserSecret {
1356+
schedule, err := db.InsertUserSecret(genCtx, database.InsertUserSecretParams{
1357+
ID: takeFirst(seed.ID, uuid.New()),
1358+
UserID: takeFirst(seed.UserID, uuid.New()),
1359+
Name: takeFirst(seed.Name, "secret-name"),
1360+
Description: takeFirst(seed.Description, "secret description"),
1361+
Value: takeFirst(seed.Value, "secret value"),
1362+
ValueKeyID: takeFirst(seed.ValueKeyID, sql.NullString{}),
1363+
})
1364+
require.NoError(t, err, "insert preset prebuild schedule")
1365+
return schedule
1366+
}
1367+
13551368
func provisionerJobTiming(t testing.TB, db database.Store, seed database.ProvisionerJobTiming) database.ProvisionerJobTiming {
13561369
timing, err := db.InsertProvisionerJobTimings(genCtx, database.InsertProvisionerJobTimingsParams{
13571370
JobID: takeFirst(seed.JobID, uuid.New()),

coderd/database/dump.sql

Lines changed: 1 addition & 1 deletion
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

coderd/database/migrations/000349_add_user_secrets.down.sql

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1 +1,2 @@
11
DROP TABLE user_secrets;
2+
-- TODO: DROP index

coderd/database/migrations/000349_add_user_secrets.up.sql

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,7 @@ CREATE TABLE user_secrets (
33
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
44
user_id UUID NOT NULL REFERENCES users(id) ON DELETE CASCADE,
55
name TEXT NOT NULL,
6-
description TEXT,
6+
description TEXT NOT NULL,
77

88
-- The encrypted secret value (base64-encoded encrypted data)
99
value TEXT NOT NULL,

coderd/database/modelmethods.go

Lines changed: 1 addition & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -617,8 +617,5 @@ func (m WorkspaceAgentVolumeResourceMonitor) Debounce(
617617
}
618618

619619
func (s UserSecret) RBACObject() rbac.Object {
620-
return rbac.ResourceUserSecret.WithID(s.ID).
621-
InOrg(s.OrganizationID).
622-
WithACLUserList(t.UserACL).
623-
WithGroupACL(t.GroupACL)
620+
return rbac.ResourceUserSecret.WithOwner(s.UserID.String())
624621
}

coderd/database/models.go

Lines changed: 1 addition & 1 deletion
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

coderd/database/queries.sql.go

Lines changed: 1 addition & 1 deletion
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy